React said that this wasn't needed here.

Makes sense, it's not a dependency

To mitigate a security vulnerability in other image

This is for the optimized production builds (production build target)

Was this last one left here on purpose?

Yeah, this is only for testing the frontend prod build target.
Can't test it with the regular docker-compose.yml because it's not in the storedog image.
Can't test it with the docker-compose.dev.yml because of the volume mounts.
I'm adding a script and a make command to generate this file, but there's no reason to add it to source control.

For more context, the prod build creates a server.js file and the command is node server.js. If we're mounting the entire service directory, we end up losing that file.

Is there a reason we're adding service level com.datadoghq.tags.* back in some definitions and not others? IIRC we removed them not long ago because Shawn said they were redundant if we had proper labelling elsewhere (e.g. setting DD_ENV at the agent-level means all other services will follow suit).

I could be mistaken on this, and keeping them doesn't do any harm, so not really a blocker imo

I think this was an accident on my part. I was using my RUM course's branch as a starting point, but there have been updates since that branch was made.

You remove Gemfile.lock but since it's already been checked-in, it won't retroactively ignore it. Need to either delete the file (this is fine, because the docker image sets it up anyway) or reset the git cache so the .gitignore gets adhered to.

Also, I think to avoid this in the future, we should probably create/update a .dockerignore file that has node_modules, .git, and Gemfile.lock

lol oh yeah duh 🤦 ... I don't know enough about Gemfile.lock. Is that something we want under source control?